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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH{S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of tiiirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication, 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 
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I) 0 Responsive to communication(s) filed on . 

2a)n This action is FINAL. 2b)[3 This action is non-final. 

3) 0 Since this application is in condition for allowance except for fonnal matters, prosecution as to the merits is 

closed in accordance with the practice under £x parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
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4) S Claim(s) 1-26 is/are pending in the application. 
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5) 0 Claim(s) is/are allowed. 

6) [E Claim(s) 1-26 Is/are rejected. 
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9) 0 The specification is objected to by the Examiner. 
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DETAILED ACTION 
Drawings 

1 . The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they do not include the following reference sign(s) mentioned in the 
description: fig. 2, ref. num 21 1 is missing. The reference to fig. 2, ref. num 21 should 
be ref. num 21 1 . Corrected drawing sheets in compliance with 37 CFR 1 .121 (d) are 
required in reply to the Office action to avoid abandonment of the application. Any 
amended replacement drawing sheet should include all of the figures appearing on the 
immediate prior version of the sheet, even if only one figure Is being amended. The 
replacement sheet(s) should be labeled "Replacement Sheet" in the page header (as 
per 37 CFR 1 .84(c)) so as not to obstruct any portion of the drawing figures. If the 
changes are not accepted by the examiner, the applicant will be notified and informed of 
any required corrective action in the next Office action. The objection to the drawings 
will not be held in abeyance. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary slcill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-26 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Vanderqeest (U.S. Patent No. 6,247,127) in view of White (U.S. Patent No. 4,630,201). 
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Regarding claim 1 . Vanderqeest teaches a metliod of conducting a secure 
transaction with an on-line service while offline comprising the steps of: 

• Issuing a transaction authorization token to a user from an application server for 
the on-line service while the user is online (col. 4, lines 8-16); and 

• Preparing an off-line transaction object containing data to specify and request the 
transaction (col. 4, lines 18-20 and col. 5, lines 15-22). 

Vanderqeest does not teach sending a message to the on-line service, said 
message containing the transaction object and the authorization token, upon receipt of 
the message, the application server validating the token to authenticate the user and to 
authorize the transaction, or executing the transaction object if the transaction is 
authorized. 

White teaches sending a message to the on-line service, said message 
containing the transaction object and the authorization token; upon receipt of the 
message, the application server validating the token to authenticate the user and to 
authorize the transaction; and executing the transaction object if the transaction is 
authorized (fig. 2B and col. 7, line 60 through col. 8, line 9). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine sending a message to the on-line service, said 
message containing the transaction object and the authorization token, upon receipt of 
the message, the application server validating the token to authenticate the user and to 
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authorize the transaction, and executing the transaction object if the transaction is 
authorized, as taught by White, with the method of Vanderaeest . It would have been 
obvious for such modifications because these limitations take the appropriate steps to 
authenticate the processing that was performed offline by the user (see col. 7, lines 60- 
62 of White). 

Regarding claim 2 . the examiner takes Official notice that wherein the token is 
issued to the user via an e-mail message sent from the application server is an obvious 
modification. Sending attachments via e-mail is well known, and in most cases desired. 
Providing a user e-mail messages with attached data allows the user to download the 
message and read through at his/her own leisure and save the attachment for later 
viewing. 

Regarding claim 3 . the combination of Vanderqeest in view of White teaches 
wherein the token is issued to the user via a download operation while the user is on- 
line (see col. 4, lines 20-21 of Vandergeest). 

Regarding claim 4 . the combination of Vanderqeest in view of White teaches 
wherein the user prepares the transaction object off-line (see col. 4, lines 20-28 of 
Vandergeest). 



Regarding claim 5 . the combination of Vanderqeest in view of White teaches 
wherein the on-line service comprises the application server, and the user requests the 
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token for the transaction from the application server (see col. 5, lines 24-40 of 
Vandergeest). 

Regarding claim 6 . the combination of Vandergeest in view of White teaches 
wherein the application server accesses a database (see col. 3, lines 40-45 of 
Vandergeest). 

Regarding claim 7 . the combination of Vandergeest in view of White teaches 
wherein the token comprises a unique identifier that is generated by the on-line service 
when the token is issued (see col. 4, lines 53-57 of Vandergeest). 

Regarding claim 8 . the combination of Vandergeest in view of White teaches 
wherein the token is a one-way encryption of at least one of an identity of the user, a 
transaction type, and a data object for which the transaction is authorized (see col. 4, 
lines 36-66 of Vandergeest). 

Regarding claim 9 . the combination of Vandergeest in view of White teaches 
wherein the application server receives an incoming message including the token, 
checks the token for validity, and accepts or rejects the token (see col. 7, line 60 
through col. 8, line 9 of White). 



Regarding claim 10 . the combination of Vandergeest in view of White teaches 
wherein the message delivering the token and off-line transaction from the user to the 
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application server is an e-mail message delivered to the application server via an 
asynchronous e-mail delivery method (see col. 7, line 60 through col. 8, line 9 of White, 
the use of e-mail delivery is explained above in claim 2.). 

Regarding claim 11 . the combination of Vanderqeest in view of White teaches 
where the asynchronous delivery mechanism is database record synchronization (see 
fig. 3A and 3B of White). 

Regarding claim 12 . the combination of Vanderqeest in view of While teaches 
where the asynchronous e-mail delivery method comprises a synchronization of data 
between a portable computing device and an on-line service (see fig. 1 , ref. num 20 and 
30 of White). 

Regarding claim 13 . the combination of Vanderqeest in view of White teaches 
wherein the token includes data representing a time period during which the token is 
valid (see col. 4, lines 47-52 of Vandergeest). 

Regarding claim 14 . the combination of Vanderqeest in view of White teaches 
wherein the token includes data representing a valid access duration for the token (see 
col. 4, lines 47-52 of Vandergeest). 



Regarding claim 15 . the combination of Vanderqeest in view of White teaches 
wherein the token specifies an e-mail audit signature, and said token is valid only if the 
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transaction is sent from an e-mail program via an e-mail delivery path that matches the 
e-mail audit signature (see col. 3, lines 46-52 of Vandergeest). 

Regarding claim 16 . the examiner takes official notice that wherein an e-mail 
address to which the message is sent varies according to an authorized data object and 
transaction type is an obvious modification. This is an obvious modification because the 
transaction types may be very different. For example, in a banking scheme, one person 
is responsible for opening accounts, while another person is responsible for ATM 
transactions. It would be desirable to have different addresses for these two different 
tasks so the person responsible for opening accounts does not receive emails 
pertaining to making a deposit, and vice versa. 

Regarding claim 17 . the combination of Vandergeest in view of White teaches 
further comprising encrypting the transaction object (see col. 4, lines 3-7 of 
Vandergeest). 

Regarding claim 18 . the combination of Vandergeest in view of White teaches 
wherein said encrypting comprises issuing a temporary public key that is a one-way 
encryption function of an address to which the transaction is to be sent for encryption of 
the transaction object (see col . 2, lines 3-7 of Vandergeest). 



Regarding claim 19 . the examiner takes Official notice that wherein the token is 
contained in a body or a header of an e-mail message is an obvious modification. For 
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reasons similar to that of claim 2, and further reasoning such as when a user forgets 
his/her password - the server sends e-mail displaying the forgotten password to the 
address on file. 

Regarding claim 20 . the combination of Vanderqeest in view of White teaches 
wherein the token and the transaction object are attachments to an e-mail message 
(see rejection of claim 2 above). 

Regarding claim 21 . the combination of Vanderaeest in view of White teaches 
wherein the application server ensures that the token can only be used once by 
authorizing a specific transaction by a specific user on specific data objects (see col. 8, 
lines 6-9 of White). 

Regarding claim 22 . the combination of Vanderaeest in view of While teaches 
wherein the application server is a web-based application server (see fig. 1, ref. num 24 
of Vandergeest). 

Regarding claim 23 . the combination of Vanderaeest in view of White teaches 
whereon said transaction is selected from the group consisting of a database 
modification, update, adding a file, and editing a file (see fig. 1 , ref. num 22 of White, the 
table of check numbers can be modified, added, updated, etc.). 
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Regarding claim 24 . the combination of Vanderaeest in view of White teaches 
further comprising checking out a file, editing the file off-line, and checking in the file as 
an e-mail attachment (see col. 6, lines 32-50 of White, as for checking in the file as an 
e-mail attachment, the reasoning for its obviousness is stated for claim 2 above). 

Regarding claim 25 . the combination of Vanderqeest in view of White teaches 
further comprising authenticating the user with a password and a network identity while 
the user is accessing the on-line service (see col. 8, lines 51-55 of White). 

Regarding claim 26 . the combination of Vanderaeest in view of White teaches 
wherein the user comprises a software agent that conducts the transaction on behalf of 
the user (see col. 8, lines 36-39 of White). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon Hoffman whose telephone number Is 571-272- 
3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor. Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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